Commit graph

549 commits

Author SHA1 Message Date
Bill Burke
20f12ea960 changes 2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a LDAP testing improvements. Support for embedded Kerberos server in testsuite 2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42 Add authenticateByDefault flag to IdentityProviderModel 2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3 [KEYCLOAK-883] - Code cleanup and refactoring. 2015-02-13 01:27:11 -02:00
Bill Burke
9b053e6918 more saml config 2015-02-11 21:56:16 -05:00
Bill Burke
889fe8dd8c Merge remote-tracking branch 'upstream/master' 2015-02-11 20:54:11 -05:00
Bill Burke
3ff423c3ad saml config 2015-02-11 20:54:01 -05:00
mposolda
534187f4d7 KEYCLOAK-1037 Bad error message on login form in case of expired code 2015-02-11 18:48:32 +01:00
mposolda
03d607b022 Fix showing federation links of users in admin console 2015-02-11 13:03:31 +01:00
mposolda
07bda93b81 Support for both SPNEGO and Kerberos mechanisms. Improved logging 2015-02-11 12:25:20 +01:00
Bill Burke
36282d24b5 Merge remote-tracking branch 'upstream/master' 2015-02-10 11:33:33 -05:00
Bill Burke
0e9fcf19e0 saml url support 2015-02-10 11:33:18 -05:00
mposolda
f582250b31 KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled 2015-02-10 16:57:07 +01:00
mposolda
90496f62ac KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login 2015-02-10 13:54:45 +01:00
mposolda
d59a28f1cb Added test for import kerberos model 2015-02-10 13:54:45 +01:00
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
4b1ba704ec [KEYCLOAK-992] - Token retrieval from brokered idps. 2015-02-06 22:23:34 -02:00
pedroigor
99a457c5c1 [KEYCLOAK-996] - Allow application to select provider. 2015-01-30 14:02:53 -02:00
pedroigor
5fae76c7e4 [KEYCLOAK-883] - Adding tests for update profile. Removing old social related classes. 2015-01-29 16:05:00 -02:00
pedroigor
8fc6368202 [KEYCLOAK-883] - OIDC brokering tests. 2015-01-29 11:57:24 -02:00
Pedro Igor
f013796324 Merge pull request #938 from pedroigor/KEYCLOAK-883
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd [KEYCLOAK-883] - Initial tests for SAML brokering. 2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100 Merge remote-tracking branch 'upstream/master' 2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa saml frontchannel logout 2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7 Merge pull request #936 from stianst/master
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f KEYCLOAK-999 Load providers from file-system 2015-01-28 09:15:07 +01:00
pedroigor
2065815627 [KEYCLOAK-883] - Model tests. 2015-01-27 23:53:56 -02:00
Stian Thorgersen
073b63de9e Clear time offset after tests 2015-01-27 08:51:04 +01:00
mposolda
920249b3e8 Fixed test failures caused by uncleared Time offset 2015-01-26 17:07:35 +01:00
Stian Thorgersen
f31bece1b9 KEYCLOAK-980 Password reset is possible with expired link 2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922 KEYCLOAK-983 Fix login after reset-password 2015-01-21 12:28:30 +01:00
Bill Burke
c5303df4fc merge 2015-01-20 10:55:04 -05:00
Bill Burke
24de9e932f ?? 2015-01-20 10:47:03 -05:00
Stian Thorgersen
981d50d082 Fix OAuthRedirectUriTest 2015-01-19 12:20:58 +01:00
Bill Burke
8b6a3ad8e4 Merge remote-tracking branch 'upstream/master' 2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16 saml redirect logout 1st step 2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b Merge pull request #919 from pedroigor/KEYCLOAK-884
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed [KEYCLOAK-884] - OpenID Connect UserInfo Endpoint. 2015-01-16 15:45:27 -02:00
Stian Thorgersen
ef0201718f Fix OAuthRedirectUriTest 2015-01-16 13:22:12 +01:00
Stian Thorgersen
bf6c46da1c KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri 2015-01-16 11:01:03 +01:00
mposolda
d928c26e27 KEYCLOAK-539 Fuse adapter. OSGI bundling. OSGI headers in keycloak adapter maven artifacts. Rename package in jetty-core 2015-01-15 19:02:45 +01:00
Stian Thorgersen
29b8c2c924 KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message 2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3 KEYCLOAK-957 Access Token Request does not verify redirect_uri 2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30 check if email is null 2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11 [KEYCLOAK-883] - Initial changes. 2015-01-13 00:58:19 -02:00
mposolda
fff8ae9f8a KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout 2015-01-08 11:09:11 +01:00
Bill Burke
110783ff2f Merge remote-tracking branch 'upstream/master' 2015-01-07 19:23:47 -05:00
Bill Burke
795b1d2893 saml persistent and transient id support 2015-01-07 19:23:33 -05:00
pedroigor
c4892428ae [KEYCLOAK-928] - Validate duplicated emails when updating profile. 2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b add error event if mail can not be send 2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e Add test 2015-01-05 14:34:08 +01:00
Stian Thorgersen
628437c146 KEYCLOAK-760 OAuth2 refresh token expiration date 2015-01-05 10:50:50 +01:00
Stian Thorgersen
f97b71c207 KEYCLOAK-903
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386 KEYCLOAK-902 State should not be required 2014-12-30 10:38:08 +01:00
Stian Thorgersen
ebf85cf04b Add test to add/remove RequiredAction to UserTest 2014-12-29 08:56:23 +01:00
Bill Burke
ec9ce6ef2f error page adapter support 2014-12-23 16:33:08 -05:00
Bill Burke
e39ea2adaf remove redundant tests 2014-12-22 16:06:19 -05:00
Bill Burke
8a1b7e39af RESTEASY-901 2014-12-22 15:59:25 -05:00
Michael Gerber
3be930f6cf Not required authentication test cases 2014-12-21 15:32:36 +01:00
Bill Burke
28a56289d9 Merge pull request #897 from patriot1burke/master
saved requests
2014-12-17 22:29:46 -05:00
Bill Burke
08be04b337 saved requests 2014-12-17 22:29:18 -05:00
mposolda
fbe26e28f1 Minor improvements/fixes in documentation 2014-12-16 14:04:04 +01:00
Bill Burke
82c3e4c1bc adapter testsuite port and adapter fixes 2014-12-02 14:38:33 -05:00
Stian Thorgersen
e069f303a4 Added full scope to app in JaxrsBasicAuthTest 2014-12-01 13:39:19 +01:00
objectiser
8e01f8ecf1 KEYCLOAK-861 Support basic authentication against user credentials managed by KeyCloak. 2014-12-01 11:43:19 +00:00
mposolda
96d430cd7e Fix CookieTokenStoreAdapterTest sometimes failing 2014-11-21 17:34:30 +01:00
Bill Burke
5c6dd8e0c3 temp fix for contributor SAML PR 2014-11-11 22:09:38 -05:00
mposolda
279a70bcb8 Fix failing tests 2014-11-11 15:17:32 +01:00
mposolda
07fd8ae9d7 KEYCLOAK-836 Added OsgiJaxrsBearerTokenFilterImpl to be used in fuse 2014-11-10 22:16:20 +01:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
mposolda
d1e819cef1 KEYCLOAK-836 Refactoring of JaxrsBearerTokenFilter to work with both resteasy and Apache CXF. Added test 2014-11-10 22:16:14 +01:00
Stian Thorgersen
e7625c2bb1 KEYCLOAK-820 Don't expose realm private key through admin endpoints 2014-11-05 15:34:56 +01:00
Stian Thorgersen
91529ef6fd Fix MultiTenancyTest 2014-11-04 13:05:44 +01:00
mposolda
9ae8d6aee1 Fix LDAP test for case-insensitive databases like MySQL 2014-11-03 21:35:12 +01:00
mposolda
229391d48b Fix servlet logout on wildfly/undertow 2014-11-03 12:59:40 +01:00
Stian Thorgersen
488351e46f Merge pull request #828 from stianst/master
KEYCLOAK-787 Clicking back to login after sending password reset email f...
2014-10-31 14:05:31 +01:00
Stian Thorgersen
bb2de4dc59 KEYCLOAK-787 Clicking back to login after sending password reset email fails 2014-10-31 13:59:56 +01:00
Stian Thorgersen
8d1548bd4d Merge pull request #826 from stianst/master
Fixes
2014-10-31 12:45:31 +01:00
Stian Thorgersen
9b0d5acb50 KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation 2014-10-31 12:45:03 +01:00
mposolda
78a1df693c KEYCLOAK-808 Issue when DB search is case-sensitive byt LDAP search is not 2014-10-31 10:27:55 +01:00
Stian Thorgersen
8adad9dddf KEYCLOAK-806
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
mposolda
a6ca925340 KEYCLOAK-788 Ensure expired ClientSessions removed during UserSessionProvider.removeExpiredUserSessions 2014-10-30 23:02:48 +01:00
Juraci Paixão Kröhling
8e764e642f KEYCLOAK-779
Adapter multi-tenancy support
2014-10-30 16:54:26 +01:00
mposolda
b88b520bad KEYCLOAK-799 - Configurable connections pooling for mongo client 2014-10-30 11:19:16 +01:00
Bill Burke
5e8ca5a140 Merge pull request #807 from patriot1burke/master
add tomcat7 adapter test
2014-10-28 18:41:57 -04:00
Bill Burke
da27f43573 add tomcat7 adapter test 2014-10-28 18:41:35 -04:00
Stian Thorgersen
6e4785e74c KEYCLOAK-777 No login event for social login 2014-10-28 19:56:41 +01:00
Stian Thorgersen
4eb60a169b KEYCLOAK-728 2014-10-28 19:48:11 +01:00
Bill Burke
cb110d095f conflict 2014-10-28 11:55:52 -04:00
Bill Burke
e3609cc85b app importer 2014-10-28 11:54:58 -04:00
mposolda
a538e25b9d KEYCLOAK-702 - Added AdapterTokenStore spi. Possibility to save account info to cookie as alternative to http session 2014-10-27 16:20:01 +01:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
Bill Burke
f38c6d3412 config optiosn 2014-10-22 14:00:56 -04:00
Bill Burke
d3375962ad signature algorithm support 2014-10-21 10:35:39 -04:00
Bill Burke
e0730e5517 Merge remote-tracking branch 'upstream/master' 2014-10-21 09:05:37 -04:00
Bill Burke
c1694a2791 more saml unit tests 2014-10-21 09:05:24 -04:00
Stian Thorgersen
2c218c9aa0 KEYCLOAK-711 HttpServletReqest.logout() does not work with relative URI 2014-10-21 12:36:20 +02:00
Stian Thorgersen
dd4b2f811b KEYCLOAK-710 Ignore missing roles in access-code 2014-10-21 11:15:35 +02:00
Bill Burke
e2de6edff8 saml unit tests 2014-10-20 16:31:00 -04:00
Bill Burke
d0ce72167d merge 2014-10-17 16:54:25 -04:00
Bill Burke
c91ecc3033 saml redirect binding 2014-10-17 16:48:45 -04:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
Stian Thorgersen
01507fc1dc KEYCLOAK-747 Fix onUserRemoved in user session providers 2014-10-17 13:35:07 +02:00
Bill Burke
3e5afcde9e saml encryption 2014-10-16 11:44:51 -04:00
Bill Burke
4750b22b6d saml signatures 2014-10-16 09:14:04 -04:00
Bill Burke
8fbc8fc736 Merge remote-tracking branch 'upstream/master' 2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1 app cert support, bug fixes 2014-10-14 18:38:48 -04:00
Stian Thorgersen
94de88ef3b KEYCLOAK-736 Database migration support" 2014-10-14 10:07:41 +02:00
Bill Burke
deffa9b4e1 oauth id in admin console 2014-10-10 16:55:57 -04:00
mposolda
2445575a04 Test for KEYCLOAK-741 2014-10-09 12:30:30 +02:00
mposolda
7e7406ddb7 KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters. 2014-10-08 22:18:10 +02:00
Bill Burke
13a2108846 undertow slash redirect problem 2014-10-08 09:45:49 -04:00
Bill Burke
5f1e6f3a23 merge 2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b saml backchannel logout 2014-10-07 18:06:02 -04:00
mposolda
6522455b44 KEYCLOAK-738 Possible NPE in MemUserSessionProvider.getUserSessions 2014-10-07 19:19:46 +02:00
Bill Burke
e01424b815 Merge pull request #741 from patriot1burke/master
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390 saml basic 2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8 KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed 2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a KEYCLOAK-662 NPE when using direct grant API with email as username 2014-10-03 12:10:52 +02:00
Stian Thorgersen
a5aa1da841 Add login test with multiple sessions for same user 2014-10-03 10:41:04 +02:00
mposolda
e6121f301f KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession 2014-10-02 22:52:44 +02:00
Bill Burke
cbc383d494 finish protocol refactoring 2014-10-01 14:19:59 -04:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f Merge remote-tracking branch 'upstream/master' 2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b token service refactoring 2014-09-30 15:58:20 -04:00
Stian Thorgersen
f026772c87 KEYCLOAK-725 Add realm update to the Admin Client 2014-09-30 15:43:18 +02:00
Stian Thorgersen
1d4e842cc0 Fixes to Mongo user session provider 2014-09-30 14:24:49 +02:00
Stian Thorgersen
209fdc1255 Fix UserSessionProviderTest.testGetByClientPaginated 2014-09-30 10:59:37 +02:00
Stian Thorgersen
bdeb59f87e Fixes to UserSessionProviderTest 2014-09-30 10:22:33 +02:00
Stian Thorgersen
99c73a9cc7 Clustering support 2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea action url refactor 2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda login refactor phase 2, still more to do 2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24 Merge remote-tracking branch 'upstream/master' 2014-09-29 09:56:37 -04:00
Bill Burke
524b423733 ClientSession everywhere refactor phase1 2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6 Add test to add/remove attributes to user through admin endpoints 2014-09-25 19:35:57 +02:00
Stian Thorgersen
c12577e886 Fix welcome-theme for testsuite 2014-09-25 11:53:28 +02:00
mposolda
5352872b4b Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan 2014-09-16 22:09:27 +02:00
mposolda
6f173d4554 KEYCLOAK-678 Preserve form values in account mgmt after error 2014-09-11 20:54:48 +02:00
mposolda
649a40f58c KEYCLOAK-676 Validate email address format during registration or account mgmt 2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2 KEYCLOAK-653 Add theme support to welcome-pages 2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174 KEYCLOAK-680 Add/remove social-links through admin api 2014-09-11 12:09:55 +02:00
Stian Thorgersen
f96e59d085 Added KEYCLOAK_DEV_PORT env variable for KeycloakServer 2014-09-11 11:05:29 +02:00
Stian Thorgersen
09860f1ee1 Fix test 2014-09-09 11:01:24 +02:00
Stian Thorgersen
d5c5cc8321 Fix AccountTest.viewLog test 2014-09-03 08:53:02 +02:00
mposolda
1f0dcbddbe KEYCLOAK-659 Export current version number during export 2014-09-02 17:06:58 +02:00
mposolda
44937d33ad Use stronger passwords in LDAP tests due to password policy on MSAD2012 2014-09-02 12:43:14 +02:00
Stian Thorgersen
0763d0d9d6 Merge pull request #660 from stianst/master
KEYCLOAK-658 Fix searching for users
2014-09-02 10:02:08 +02:00
Stian Thorgersen
8c8c44e50f KEYCLOAK-658 Fix searching for users 2014-09-02 10:01:44 +02:00
mposolda
e52811ac28 Added more props to LDAPEmbeddedServer to allow automated test with ActiveDirectory 2014-09-01 20:43:14 +02:00